Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
File:                     nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft (raw, json)
Hash identifier:          g6RxfX6rRanoAu/pyed6KFDOH3GLKWkjv8Z9XQ0yLe0=
Subject key identifier:   74:60:AD:DA:4B:74:C4:A0:87:14:97:7E:72:62:C1:2B:D8:EB:86:E1
Authority key identifier: 9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF
Certificate issuer:       /CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
Certificate serial:       019750EADF62B7451E3DC1A2E71500007E28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
Manifest number:          150E
Signing time:             Sun 08 Jun 2025 19:00:59 +0000
Manifest this update:     Sun 08 Jun 2025 19:00:59 +0000
Manifest next update:     Mon 09 Jun 2025 19:00:59 +0000
Files and hashes:         1: nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl (hash: yg1dBLKJP7jm7KKx/5quHpf9rOPSPx/KFytGc2cIfwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:ea:df:62:b7:45:1e:3d:c1:a2:e7:15:00:00:7e:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
        Validity
            Not Before: Jun  8 19:00:59 2025 GMT
            Not After : Jun  9 19:00:59 2025 GMT
        Subject: CN=7460adda4b74c4a08714977e7262c12bd8eb86e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:0c:c4:8d:12:54:d8:b2:f7:67:70:7e:d2:e6:
                    73:95:4d:e1:e4:67:7d:ce:cf:ee:3e:c6:3b:2e:d9:
                    22:76:9f:5b:24:5c:28:f2:cd:18:12:6d:4e:ea:9d:
                    e6:84:7e:a0:58:c1:67:5c:1f:85:21:fa:55:cb:c0:
                    6d:73:5a:48:ff:cb:15:a6:76:a7:78:19:b2:ae:48:
                    cb:db:0a:ce:4e:3e:8d:be:5c:1d:6d:75:e5:34:27:
                    de:2a:4a:8b:e4:6f:43:81:38:7f:2d:8f:1f:80:f3:
                    c2:87:d1:d4:8c:4d:f7:30:ae:d6:71:01:1d:05:0c:
                    92:0d:f2:5b:4b:a2:82:dd:4a:11:60:f3:6f:32:75:
                    c6:7c:a3:a1:bb:ad:a1:77:9a:79:75:b0:db:f6:51:
                    8d:c0:d6:c1:41:5e:ae:8a:af:ad:b1:8b:56:65:52:
                    21:c6:18:67:1c:1f:ff:ef:1d:49:74:2b:01:35:d3:
                    87:20:ed:c3:89:ff:15:d9:ea:ed:9b:e8:28:4d:5d:
                    8c:97:8f:d4:a8:6d:40:e1:0d:5f:cc:18:cf:71:1c:
                    45:74:0c:09:a1:e8:3d:d8:ac:dd:4d:c1:ad:29:f6:
                    0f:01:b4:16:ac:c4:e8:9d:63:fe:51:d9:4b:c4:62:
                    48:03:c1:3b:de:4c:ba:58:92:71:cf:28:6e:47:54:
                    ae:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:60:AD:DA:4B:74:C4:A0:87:14:97:7E:72:62:C1:2B:D8:EB:86:E1
            X509v3 Authority Key Identifier:
                keyid:9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:4a:37:41:43:99:87:c9:9f:a9:a5:89:1f:d9:d3:3b:3b:d8:
         17:96:c2:13:38:0f:1a:34:48:76:c7:12:86:4b:48:1e:82:1d:
         20:d0:79:38:3a:e4:47:12:f5:ab:13:cd:bb:98:00:ed:70:79:
         15:83:00:9f:8d:a3:53:a6:04:ac:a1:99:ef:28:7a:e7:f5:92:
         c6:b8:63:ab:3c:9d:cf:b7:61:74:33:46:b1:71:ee:9e:42:71:
         51:2e:db:0b:10:48:e1:d2:59:ec:ac:a0:7f:1c:e2:37:4e:f2:
         96:c0:e2:8d:21:5b:35:7f:fa:4c:e8:46:82:18:19:d8:8c:e1:
         61:9a:db:bc:fd:79:be:34:54:0d:5b:4e:c2:3d:0d:f8:19:5f:
         93:52:1f:bc:f9:84:19:b1:72:36:df:d1:2e:31:ab:cb:83:32:
         5c:75:01:d6:85:9b:84:22:1a:30:d1:ca:ac:dd:15:12:6e:04:
         d4:95:fb:37:92:69:74:cf:c4:dc:a7:85:29:a3:e0:ff:b0:50:
         95:b1:f9:a9:66:1b:24:9f:e1:96:35:01:f2:89:04:49:ae:79:
         dc:c6:3e:94:65:79:16:41:55:37:be:85:78:a9:41:14:3f:77:
         6f:97:3e:0c:50:f8:0d:3e:ee:0e:b6:ea:a3:0e:19:33:fd:2e:
         87:11:4a:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQ6t9it0UePcGi5xUAAH4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzk5NjY4NjNkODJmYThiZDFjYTM5MzY5MDVmYTFlMjRh
OWEwYmYwHhcNMjUwNjA4MTkwMDU5WhcNMjUwNjA5MTkwMDU5WjAzMTEwLwYDVQQD
Eyg3NDYwYWRkYTRiNzRjNGEwODcxNDk3N2U3MjYyYzEyYmQ4ZWI4NmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAzEjRJU2LL3Z3B+0uZzlU3h5Gd9
zs/uPsY7Ltkidp9bJFwo8s0YEm1O6p3mhH6gWMFnXB+FIfpVy8Btc1pI/8sVpnan
eBmyrkjL2wrOTj6NvlwdbXXlNCfeKkqL5G9DgTh/LY8fgPPCh9HUjE33MK7WcQEd
BQySDfJbS6KC3UoRYPNvMnXGfKOhu62hd5p5dbDb9lGNwNbBQV6uiq+tsYtWZVIh
xhhnHB//7x1JdCsBNdOHIO3Dif8V2ertm+goTV2Ml4/UqG1A4Q1fzBjPcRxFdAwJ
oeg92KzdTcGtKfYPAbQWrMTonWP+UdlLxGJIA8E73ky6WJJxzyhuR1SuYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRgrdpLdMSghxSXfnJiwSvY64bhMB8GA1UdIwQY
MBaAFJ85lmhj2C+ovRyjk2kF+h4kqaC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjIt
MGIxZDA5NDk4NTM0LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjItMGIxZDA5NDk4NTM0
LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQUo3QUOZ
h8mfqaWJH9nTOzvYF5bCEzgPGjRIdscShktIHoIdINB5ODrkRxL1qxPNu5gA7XB5
FYMAn42jU6YErKGZ7yh65/WSxrhjqzydz7dhdDNGsXHunkJxUS7bCxBI4dJZ7Kyg
fxziN07ylsDijSFbNX/6TOhGghgZ2IzhYZrbvP15vjRUDVtOwj0N+Blfk1IfvPmE
GbFyNt/RLjGry4MyXHUB1oWbhCIaMNHKrN0VEm4E1JX7N5JpdM/E3KeFKaPg/7BQ
lbH5qWYbJJ/hljUB8okESa553MY+lGV5FkFVN76FeKlBFD93b5c+DFD4DT7uDrbq
ow4ZM/0uhxFKXA==
-----END CERTIFICATE-----